#1
NSA will release some sort of advanced IDA reversing tool in March
NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS and LINUX and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA.
https://www.rsaconference.com/events/us19/agenda/sessions/16608-come-get-your-free-nsa-reverse-engineering-tool
#2
wow.
Is it more powerful than IDA?
__________________
AKA Solomon/blowfish.
#4
Will be interesting to see how it competes with IDA and BinaryNinja. Given that it is free, if it can give those a run for their money, it could be a good thing and we could see the prices of the other two go down to compete. But, given that it is made by the NSA, there isn't much really pushing for their tool to be anything amazing and there are already worries of trust and what the tool will include in terms of phone-home like telemetry.
__________________
Personal Projects Site: https://atom0s.com
#5
Some spoilers could be found on WikiLeaks: https://search.wikileaks.org/?q=Ghidra
#6
Some code tools are now free from NSA
Code:
https://code.nsa.gov/
#7
Is this an old resource or just to save face in wake of the leaks?
#8
The tool has leaked before, but this is a recent announcement that they plan to fully release it from what the various articles have mentioned. The tool was part of some of the WikiLeaks dumps in the past and you can get it already and compile it yourself if you wanted to though.
__________________
Personal Projects Site: https://atom0s.com
#9
Quote:
#11
For full results on Wikileaks:
https://search.wikileaks.org/?q=Ghidra

More specific ones with actual info:
https://wikileaks.org/ciav7p1/cms/page_11628795.html
https://wikileaks.org/ciav7p1/cms/page_51183656.html

There are leaks around the web still that have the Vault 7 files and such, some were uploaded to GitHub and similar. But they are all still findable on Google.
__________________
Personal Projects Site: https://atom0s.com
#12
There is an actual download link on Wikileaks, but I can't access that site:
"The Ghidra packages are available on DEVLAN @ \\fs-01.devlan.net\share\NSA\Ghidra"
#13
That site is probably internally accessible only and a honeypot from the outside so be careful.
#14
I heard somewhere that the NSA tool was useful to defeat (at least a part of) the Themida protector. I hope their source code will help our community.
I'll never run their jar
#15
I can't imagine it will be a full-fledged decompiler which beats hex-rays in its current incarnation though. From what I have seen it looks like just another advanced disassembly tool with some basic decompilation tricks.
But did anyone notice how chessgod101 mysteriously deleted his post after I called it out as an obvious honeypot?